From: Niels Möller Date: Sun, 22 Jun 2025 18:48:37 +0000 (+0200) Subject: Update hmac_gosthash94_digest. X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8b6fea40b76f9293a00c86676084e619792e4060;p=thirdparty%2Fnettle.git Update hmac_gosthash94_digest. --- diff --git a/ChangeLog b/ChangeLog index 89e2bc1a..3c9e0297 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,9 @@ 2025-06-22 Niels Möller + * hmac-internal.h (_NETTLE_HMAC_DIGEST): Do both inner and outer + digest. Update all callers. + (_NETTLE_HMAC_DIGEST_U): Variant for digest_size == block_size. + HMAC context reductions: hmac_sha256_ctx reduced from 336 bytes to 192, hmac_sha512_ctx from 648 to 376, hmac_sha1_ctx from 312 to 168. diff --git a/hmac-gosthash94.c b/hmac-gosthash94.c index 71dd7108..63f60541 100644 --- a/hmac-gosthash94.c +++ b/hmac-gosthash94.c @@ -58,13 +58,10 @@ void hmac_gosthash94_digest(struct hmac_gosthash94_ctx *ctx, uint8_t *digest) { - /* Using _NETTLE_HMAC_DIGEST doesn't work since + /* Needs a call to gosthash94_update, since GOSTHASH94_DIGEST_SIZE == GOSTHASH94_BLOCK_SIZE. */ - gosthash94_digest (&ctx->state, ctx->state.block); - memcpy (&ctx->state, ctx->outer, sizeof (ctx->outer)); - gosthash94_update (&ctx->state, GOSTHASH94_DIGEST_SIZE, ctx->state.block); - gosthash94_digest (&ctx->state, digest); - memcpy (&ctx->state, ctx->inner, sizeof (ctx->inner)); + _NETTLE_HMAC_DIGEST_U (ctx->outer, ctx->inner, &ctx->state, gosthash94_digest, + gosthash94_update, digest); } void @@ -86,11 +83,8 @@ void hmac_gosthash94cp_digest(struct hmac_gosthash94cp_ctx *ctx, uint8_t *digest) { - /* Using _NETTLE_HMAC_DIGEST doesn't work since + /* Needs a call to gosthash94cp_update, since GOSTHASH94CP_DIGEST_SIZE == GOSTHASH94CP_BLOCK_SIZE. */ - gosthash94cp_digest (&ctx->state, ctx->state.block); - memcpy (&ctx->state, ctx->outer, sizeof (ctx->outer)); - gosthash94cp_update (&ctx->state, GOSTHASH94CP_DIGEST_SIZE, ctx->state.block); - gosthash94cp_digest (&ctx->state, digest); - memcpy (&ctx->state, ctx->inner, sizeof (ctx->inner)); + _NETTLE_HMAC_DIGEST_U (ctx->outer, ctx->inner, &ctx->state, gosthash94cp_digest, + gosthash94cp_update, digest); } diff --git a/hmac-internal.h b/hmac-internal.h index 9f67ed8d..3dbb4f7f 100644 --- a/hmac-internal.h +++ b/hmac-internal.h @@ -46,10 +46,23 @@ _nettle_hmac_set_key (size_t state_size, void *outer, void *inner, const struct nettle_hash *hash, size_t key_size, const uint8_t *key); -#define _NETTLE_HMAC_DIGEST(outer, inner, ctx, f, digest) do { \ - memcpy ((ctx), (outer), sizeof (outer)); \ - f ((ctx), (digest)); \ - memcpy ((ctx), (inner), sizeof ((inner))); \ +/* Digest operation for the common case that digest_size < block_size. */ +#define _NETTLE_HMAC_DIGEST(outer, inner, ctx, digest, digest_size, out) do { \ + digest((ctx), (ctx)->block); \ + memcpy ((ctx), (outer), sizeof (outer)); \ + (ctx)->index = (digest_size); \ + digest ((ctx), (out)); \ + memcpy ((ctx), (inner), sizeof (inner)); \ + } while (0) + +/* Digest operation for the corner case that digest_size == block_size (e.g, + ghosthash and streebog512). */ +#define _NETTLE_HMAC_DIGEST_U(outer, inner, ctx, digest, update, out) do { \ + digest((ctx), (ctx)->block); \ + memcpy ((ctx), (outer), sizeof (outer)); \ + update ((ctx), sizeof( (ctx)->block), (ctx)->block); \ + digest ((ctx), (out)); \ + memcpy ((ctx), (inner), sizeof (inner)); \ } while (0) #endif /* NETTLE_HMAC_INTERNAL_H_INCLUDED */ diff --git a/hmac-md5.c b/hmac-md5.c index 240cd92a..448fd83b 100644 --- a/hmac-md5.c +++ b/hmac-md5.c @@ -57,7 +57,6 @@ void hmac_md5_digest(struct hmac_md5_ctx *ctx, uint8_t *digest) { - md5_digest (&ctx->state, ctx->state.block); - ctx->state.index = MD5_DIGEST_SIZE; - _NETTLE_HMAC_DIGEST (ctx->outer, ctx->inner, &ctx->state, md5_digest, digest); + _NETTLE_HMAC_DIGEST (ctx->outer, ctx->inner, &ctx->state, md5_digest, + MD5_DIGEST_SIZE, digest); } diff --git a/hmac-ripemd160.c b/hmac-ripemd160.c index ee5e802f..e65a1410 100644 --- a/hmac-ripemd160.c +++ b/hmac-ripemd160.c @@ -57,7 +57,6 @@ void hmac_ripemd160_digest(struct hmac_ripemd160_ctx *ctx, uint8_t *digest) { - ripemd160_digest (&ctx->state, ctx->state.block); - ctx->state.index = RIPEMD160_DIGEST_SIZE; - _NETTLE_HMAC_DIGEST (ctx->outer, ctx->inner, &ctx->state, ripemd160_digest, digest); + _NETTLE_HMAC_DIGEST (ctx->outer, ctx->inner, &ctx->state, ripemd160_digest, + RIPEMD160_DIGEST_SIZE, digest); } diff --git a/hmac-sha1.c b/hmac-sha1.c index a04fc324..ce890e05 100644 --- a/hmac-sha1.c +++ b/hmac-sha1.c @@ -57,7 +57,6 @@ void hmac_sha1_digest(struct hmac_sha1_ctx *ctx, uint8_t *digest) { - sha1_digest (&ctx->state, ctx->state.block); - ctx->state.index = SHA1_DIGEST_SIZE; - _NETTLE_HMAC_DIGEST (ctx->outer, ctx->inner, &ctx->state, sha1_digest, digest); + _NETTLE_HMAC_DIGEST (ctx->outer, ctx->inner, &ctx->state, sha1_digest, + SHA1_DIGEST_SIZE, digest); } diff --git a/hmac-sha224.c b/hmac-sha224.c index dc588a0e..e98bab97 100644 --- a/hmac-sha224.c +++ b/hmac-sha224.c @@ -52,7 +52,6 @@ void hmac_sha224_digest(struct hmac_sha224_ctx *ctx, uint8_t *digest) { - sha224_digest (&ctx->state, ctx->state.block); - ctx->state.index = SHA224_DIGEST_SIZE; - _NETTLE_HMAC_DIGEST (ctx->outer, ctx->inner, &ctx->state, sha224_digest, digest); + _NETTLE_HMAC_DIGEST (ctx->outer, ctx->inner, &ctx->state, sha224_digest, + SHA224_DIGEST_SIZE, digest); } diff --git a/hmac-sha256.c b/hmac-sha256.c index aa9ce206..c67cae70 100644 --- a/hmac-sha256.c +++ b/hmac-sha256.c @@ -59,7 +59,6 @@ void hmac_sha256_digest(struct hmac_sha256_ctx *ctx, uint8_t *digest) { - sha256_digest (&ctx->state, ctx->state.block); - ctx->state.index = SHA256_DIGEST_SIZE; - _NETTLE_HMAC_DIGEST (ctx->outer, ctx->inner, &ctx->state, sha256_digest, digest); + _NETTLE_HMAC_DIGEST (ctx->outer, ctx->inner, &ctx->state, sha256_digest, + SHA256_DIGEST_SIZE, digest); } diff --git a/hmac-sha384.c b/hmac-sha384.c index 8c0b2cc5..96b77f85 100644 --- a/hmac-sha384.c +++ b/hmac-sha384.c @@ -50,7 +50,6 @@ void hmac_sha384_digest(struct hmac_sha512_ctx *ctx, uint8_t *digest) { - sha384_digest (&ctx->state, ctx->state.block); - ctx->state.index = SHA384_DIGEST_SIZE; - _NETTLE_HMAC_DIGEST (ctx->outer, ctx->inner, &ctx->state, sha384_digest, digest); + _NETTLE_HMAC_DIGEST (ctx->outer, ctx->inner, &ctx->state, sha384_digest, + SHA384_DIGEST_SIZE, digest); } diff --git a/hmac-sha512.c b/hmac-sha512.c index 59b15721..1bc0c69b 100644 --- a/hmac-sha512.c +++ b/hmac-sha512.c @@ -57,7 +57,6 @@ void hmac_sha512_digest(struct hmac_sha512_ctx *ctx, uint8_t *digest) { - sha512_digest (&ctx->state, ctx->state.block); - ctx->state.index = SHA512_DIGEST_SIZE; - _NETTLE_HMAC_DIGEST (ctx->outer, ctx->inner, &ctx->state, sha512_digest, digest); + _NETTLE_HMAC_DIGEST (ctx->outer, ctx->inner, &ctx->state, sha512_digest, + SHA512_DIGEST_SIZE, digest); } diff --git a/hmac-sm3.c b/hmac-sm3.c index bba2afe7..49f22a04 100644 --- a/hmac-sm3.c +++ b/hmac-sm3.c @@ -58,7 +58,6 @@ void hmac_sm3_digest(struct hmac_sm3_ctx *ctx, uint8_t *digest) { - sm3_digest (&ctx->state, ctx->state.block); - ctx->state.index = SM3_DIGEST_SIZE; - _NETTLE_HMAC_DIGEST (ctx->outer, ctx->inner, &ctx->state, sm3_digest, digest); + _NETTLE_HMAC_DIGEST (ctx->outer, ctx->inner, &ctx->state, sm3_digest, + SM3_DIGEST_SIZE, digest); } diff --git a/hmac-streebog.c b/hmac-streebog.c index 1791cb44..83b57140 100644 --- a/hmac-streebog.c +++ b/hmac-streebog.c @@ -58,13 +58,10 @@ void hmac_streebog512_digest(struct hmac_streebog512_ctx *ctx, uint8_t *digest) { - /* Using _NETTLE_HMAC_DIGEST doesn't work since - STREEBOG512_DIGEST_SIZE == STREEBOG512_BLOCK_SIZE. */ - streebog512_digest (&ctx->state, ctx->state.block); - memcpy (&ctx->state, ctx->outer, sizeof (ctx->outer)); - streebog512_update (&ctx->state, STREEBOG512_DIGEST_SIZE, ctx->state.block); - streebog512_digest (&ctx->state, digest); - memcpy (&ctx->state, ctx->inner, sizeof (ctx->inner)); + /* Needs a call to streebog512_update, since STREEBOG512_DIGEST_SIZE + == STREEBOG512_BLOCK_SIZE. */ + _NETTLE_HMAC_DIGEST_U (ctx->outer, ctx->inner, &ctx->state, streebog512_digest, + streebog512_update, digest); } void @@ -79,7 +76,6 @@ void hmac_streebog256_digest(struct hmac_streebog256_ctx *ctx, uint8_t *digest) { - streebog256_digest (&ctx->state, ctx->state.block); - ctx->state.index = STREEBOG256_DIGEST_SIZE; - _NETTLE_HMAC_DIGEST (ctx->outer, ctx->inner, &ctx->state, streebog256_digest, digest); + _NETTLE_HMAC_DIGEST (ctx->outer, ctx->inner, &ctx->state, streebog256_digest, + STREEBOG256_DIGEST_SIZE, digest); }